1. Field of the Presently Disclosed and/or Claimed Inventive Concepts
The inventive concepts disclosed and claimed herein relate to identity verification security, and more particularly, but not by way of limitation, to systems and methods for improving the security of biometric data access to servers.
2. Brief Description of Related Art
As people look for new ways to improve security for access to central servers, use of biometric data is becoming more and more common. Biometrics is a process by which a person's unique traits, physical or other, are detected and recorded as a means of confirming identity. Features commonly measured include fingerprints, face, hand geometry, handwriting, iris, retina, veins, heart rhythm, and voice. Using a unique, physical attribute of your body, such as your fingerprint or iris, to effortlessly identify and verify that you are who you claim to be, is the best and easiest solution in the market today.
While biometrics provides a unique electronic signature of an individual, it also presents some problems. First, if your fingerprint data, for example, is ever hacked and duplicated, you are not able to change it like you can a password. Thus, all subsequent use of your fingerprint data is subject to spoofing (forgery) once someone has your unique fingerprint signature. Second, multiple scans of the same fingerprint may not be exact, for several reasons: fingerprint scans do not always capture the same portion of the finger, and the orientation of the finger relative to the scanner can change. Therefore, an inexact fingerprint scan must be compared to previously stored fingerprint scans in order to determine whether they match. This requires storing the fingerprint scan on the server, which then makes that data vulnerable to server attacks.
The “inexactness” of most scans also prevents hashing the data prior to transmission. Hashing is a common method for securing sensitive data, since once hashed, the data can only be compared in its entirety, not in individual components. However, hashing a biometric scan such as a fingerprint scan would require consistent scan results for whole-template comparisons to work. If a single minutia is missing from the scan, or an extra one is found, the comparison of the hashed results will fail.
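The following added example (not part of the original disclosure) illustrates the two points above: a hash comparison fails as soon as one minutia differs, while a tolerance-based matcher accepts the rescan but needs the stored template in the clear. The minutia format (x, y, ridge angle), the tolerances and all sample values are constructed assumptions.

```python
import hashlib
import math

# Constructed sample data: each minutia is (x, y, ridge angle in degrees).
ENROLLED = [(12, 40, 90), (55, 18, 45), (73, 66, 130), (30, 81, 10), (88, 25, 270)]
# Constructed rescan of the same finger: one minutia missing, slight jitter.
RESCAN = [(13, 40, 91), (55, 19, 45), (72, 66, 129), (88, 25, 270)]
# Constructed template of a different finger.
OTHER = [(5, 5, 0), (20, 60, 200), (40, 40, 90), (90, 90, 300), (60, 10, 150)]


def template_digest(minutiae):
    """SHA-256 over a canonical (sorted) serialization of the template."""
    canonical = ";".join(f"{x},{y},{a}" for x, y, a in sorted(minutiae))
    return hashlib.sha256(canonical.encode()).hexdigest()


def hash_match(stored, probe):
    """Exact comparison: succeeds only if both templates are identical."""
    return template_digest(stored) == template_digest(probe)


def fuzzy_match(stored, probe, dist_tol=3.0, angle_tol=5, min_fraction=0.7):
    """Tolerance matcher; it must read the stored minutiae, so the
    server has to keep the template unhashed (hypothetical thresholds)."""
    unused = list(stored)
    paired = 0
    for px, py, pa in probe:
        for cand in unused:
            cx, cy, ca = cand
            d_angle = abs(pa - ca) % 360
            d_angle = min(d_angle, 360 - d_angle)  # wrap around 0/360
            if math.hypot(px - cx, py - cy) <= dist_tol and d_angle <= angle_tol:
                unused.remove(cand)  # each stored minutia pairs at most once
                paired += 1
                break
    return paired / len(stored) >= min_fraction


if __name__ == "__main__":
    print("hash, identical scan:   ", hash_match(ENROLLED, ENROLLED))
    print("hash, one minutia gone: ", hash_match(ENROLLED, ENROLLED[:-1]))
    print("hash, realistic rescan: ", hash_match(ENROLLED, RESCAN))
    print("fuzzy, realistic rescan:", fuzzy_match(ENROLLED, RESCAN))
    print("fuzzy, different finger:", fuzzy_match(ENROLLED, OTHER))
```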
To compensate for the inexact nature of the biometric scan, the biometric files are quite large. For systems communicating over slower data networks, such as 2G wireless networks, the transmission of these relatively large files can take several seconds, negatively impacting the user experience. It would therefore be desirable to reduce the size of the biometric data communicated, and to use exact biometric data that can be hashed prior to communication. This disclosure proposes a method and system that accomplishes both.